Announcement

Collapse
No announcement yet.

successful bump key attack of a Schlage Primus

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • successful bump key attack of a Schlage Primus

    At the local TOOOL meeting this month individuals successfully did a bump key attack on a Schlage Primus lock. For the longest time i thought this not actually possible. Well, as i state in the beginning title card of the video... nearly everyone thought this wasn't possible. Indeed, however, it is...


    click for video

    Now, a few points to keep in mind...
    1. This isn't easy, even when everything goes right. (although you see a lot of people at the TOOOL meeting manage to do it in that video, heh)

    2. The bump key must be created with the correct sidebar bitting code for that specific lock. It isn't completely trivial to obtain that sort of information, but there are ways it's possible in a lot of instances. For example, in mastered systems the sidebar is often common across all locks. Also, the basic "Level One" Primus is the same sidebar across the nation.

    3. A lot of bump attacks seem to be effectively mitigated by a new anti-bump pin from the ilco company (i mention this at the end of the video, too) and we'll be discussing and demonstrating them in the Lockpick Village this year at DEFCON.

    4. Yeah, yeah... i know we're using Peterson bump hammers. Throw shmooballs at us for that one. mouse had my tomahawk and other people didn't bring theirs... so we're shooting the video with what we had laying around. It's the equivalent of a creating video demonstrating a new type of awesome 5.56 round but firing it from an Olympic Arms Plinker.

    The Schlage Primus remains one of my favorite locks, both from an anti-pick perspective and especially from a backward-compatible perspective (you can key other SC-1 hardware store locks to the same top bitting and keep only one key... the Primus for your serious deadbolt and less expensive SC-1 doorknobs for outdoor closets and such, but you only carry the one Primus key with you)

    With the addition of some drop-in aftermarket pins to mitigate bumping, i think it will even be high up there in an anti-bump perspective for me. Still, my end-all-be-all favorite these days remains the Abloy Protec.
    "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
    - Trent Reznor

  • #2
    Re: successful bump key attack of a Schlage Primus

    I don't think Deviant does justice enough to how huge a feat this is. I, personally, have funded some research into this lock in the past. People have been attacking it for years and convinced of it's status as bump-proof for nearly as long.

    This is the most exciting thing I've seen done in a long time. For me this is kind of a moral victory, too, as Schlage's PR department have come out strongly against the locksport community when consulted by the press, yet here we have people not only defeating their locks, but also pointing to simple methods to defend against their own attack.

    Nicely done!

    Comment


    • #3
      Re: successful bump key attack of a Schlage Primus

      Originally posted by Schuyler View Post
      I don't think Deviant does justice enough to how huge a feat this is
      heh... i customarily try to be modest, and let others look into the facts and draw their own conclusions as to whether or not a link should be forwarded among their friends.

      Originally posted by Schuyler View Post
      Schlage's PR department have come out strongly against the locksport community
      i did not know that... any examples you can cite?

      Originally posted by Schuyler View Post
      Nicely done!
      thanks, man. it was all Ed. it started hen he was experimenting with picking Primus locks... using the "common sidebar" as a starting weakness, he figured he could cut down a Primus key with the generic sidebar and leave the extra room at the top for picking, using the remaining lower half of the key as a tension tool. (kind of like the old Everest technique)

      well... whenever Ed wants to cut a key down like that, he pops it into his code-cutter and sets it for all nines. that leaves the ridge pattern which is easily removed with a hand-file. he was about to carve the rest down, when he thought... "ah, what the hell... why not give this a try since i have a 999 key anyway at the moment"

      it worked incredibly and he told me about it in an email... then at the next TOOOL meeting we kept quiet all the way through dinner, etc. and only when the picks and locks started coming out, Ed produced the three mortise cylinders with keys turned 90 degrees. when people realized what he'd done, there was such a flutter of emotion and discussion. we hurried to the kitchen table to let people try it out with vices and such in a location with good lighting that could be used for recording. there was no way i was going to miss out on sharing the story with others.

      i was so thrilled that so many folk wound up being able to do it. first Ed shows us (and gets it on the first blow), then shortly afterwards Dave pops the same lock (once he dials down his tension force), and then almost immediately afterward i pop a second lock, then Jim gets it open (these last two openings aren't even in a vice, we're just holding the cylinder in our bare hands), and on and on it goes.
      "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
      - Trent Reznor

      Comment


      • #4
        Re: successful bump key attack of a Schlage Primus

        Originally posted by Schuyler View Post
        <snip snip>...as Schlage's PR department have come out strongly against the locksport community when consulted by the press...<snip snip>
        Originally posted by Deviant Ollam View Post
        <snip snip>...i did not know that... any examples you can cite?...<snip snip>
        It was you who cited such an example not too long ago, Deviant, from the thread titled "oh noes!!1! teh h4x0rz are bumping!!"

        Originally posted by Deviant Ollam View Post
        Bump Key Perspective from Schlage (http://www.securitytechnologies.inge...p_Key.pdf)Long used by certified locksmiths and other authorized professionals, bump keys – also known as bypass keys – are not ordinary, everyday items, but rather professional industry tools like pickguns and lock picks, which have been used for decades by locksmiths to help individuals rightly access their homes and personal belongings.

        Regrettably, the bump key and related bypass techniques are now being promoted broadly via the Internet and hacker organizations, increasing awareness that stretches well beyond the community of licensed locksmith professionals and creating the possibility that professional locksmith tools could be used for illegal and inappropriate purposes.what is the world coming to?

        man, i used to recommend Schlage to a lot of people concerned about bumping and picking attacks because i like their Primus line of products. now, well, i won't stop mentioning that they are a good design, but if they keep up chatter like this their name will be mud with me a little bit. (bonus points to the first person to get the joke tucked in there.)
        But indeed a feat, I never thought I'd see a bump on a Primus actually work, and not clamped down no less. Bravo.
        "You have cubed asscheeks?"... "Do you not?"

        Comment


        • #5
          Re: successful bump key attack of a Schlage Primus

          Originally posted by sintax_error View Post
          It was you who cited such an example not too long ago, Deviant
          hah... oh, right.
          "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
          - Trent Reznor

          Comment


          • #6
            Re: successful bump key attack of a Schlage Primus

            My original statement here was inaccurate. I'm actually having a little trouble finding any more "media statements" from them regarding the subject.
            Last edited by sintax_error; July 3, 2009, 13:30.
            "You have cubed asscheeks?"... "Do you not?"

            Comment


            • #7
              Re: successful bump key attack of a Schlage Primus

              While a little unrelated:

              On the fictional USA Series Burn Notice they demonstrated what and how a bump key is used. They showed you in low detail how one is made, and used( though to my understanding incorrectly). I think they put to much emphasis on the hammer & torquing the lock; though I'm far from being an expert. If one of our experts saw the episode perhaps they would like to comment. Anyway Fiona is hot.

              xor

              Ps Of course next time the lock manufacturers blame lock sport for making their locks less secure, lock pickers can just blame TV.
              Last edited by xor; July 11, 2009, 11:15.
              Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

              Comment


              • #8
                Re: successful bump key attack of a Schlage Primus

                There's an episode where they complain about a person having a nine pin dimple lock. I just give props for mentioning a dimple lock really. And the fact that they normally have a tensioner and pick in a lock when making like they are picking where most people just wave a shiny stick in front of the prop lock on shows.

                Hadn't seen the bump key one, was figuring they would get to that sooner or later. Maybe the writers read this board.

                On lock makers being mean, yeah... sometimes. I'm still testing waters with our local manufacturing facility to see how nice they want to be to me.
                ----------------------------------------
                Fraternal Order of Locksport

                Comment


                • #9
                  Re: successful bump key attack of a Schlage Primus

                  Originally posted by valanx View Post

                  Hadn't seen the bump key one, was figuring they would get to that sooner or later. Maybe the writers read this board.
                  It was last weeks new episode where they showed it. They showed him making the key first and then him testing it with his shoe at his shop.

                  Later in the episode he did it with the regular bump tool, but if you watch, he did it wrong.

                  If you haven't watched Burn Notice yet, take some time on thursday night and watch it. Any show where Gabrielle Anwar is scantily dressed, carrying a shotgun and likes to blow things up is cool. Plus it has Bruce Campbell in it.
                  A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

                  Comment


                  • #10
                    Re: successful bump key attack of a Schlage Primus

                    Originally posted by streaker69 View Post
                    It was last weeks new episode where they showed it. They showed him making the key first and then him testing it with his shoe at his shop.

                    Later in the episode he did it with the regular bump tool, but if you watch, he did it wrong.
                    Huh, I've actually just started watching the show, when they release the new episode on demand I'll check it out (maybe tonight). I've liked it a lot so far, kind of a modern A Team.

                    My comments on Schlage's opinion of locksport are related to my attempts to get in touch with them for NDE & in 2 articles I've seen them comment on, one of which is on the wall above my desk and has them lamenting that we should be more like magicians and "keep trade secrets in the room." I don't have a copy of the other one, but it was similarly negative. Though, Schlage has typically come across as dismissive / whiny about the community, rather than outraged like the folks at ALOA.

                    Comment


                    • #11
                      Re: successful bump key attack of a Schlage Primus

                      Watching the episode of Burn Notice now. Honestly, how he describes it, though a little vague, is dead on, though there is some debate about the best way/time to apply torque and when he tested it by hitting it with the heel of his shoe it was accurate. Gotta say, I'm impressed. And love that he used the heel, that's classic, I mention that as a possibility when I'm talking about bumping.

                      Plus - Fiona walks in and says "Not as much fun as picking a lock" or something to that effect. Brilliant. Maybe he'll screw it up later in the episode, but so far, it's great.

                      EDIT: So, he was too slow in turning the key the second time around, but he even used a legit bump hammer. I'm still impressed!
                      Last edited by Schuyler; July 16, 2009, 20:18.

                      Comment

                      Working...
                      X